This NIST Multi-Cloud conference yesterday had several excellent sessions and the full recording is available on the conference web page at: https://www.nist.gov/news-events/events/2023/05/4th-multi-cloud-conference-and-workshop
All the
agenda sessions were good, but I particularly liked the following sessions and the discussions about
next generation, context based access control (CBAC) that were included in the Tetrate and service mesh presentations:
- 10:20 NIST 800-207A: A Zero Trust Architecture Model for Access Control in Cloud Native Applications in Multi-Cloud Environments by the authors: Ramaswamy Chandramouli*, Senior Computer Scientist, NIST & Zack Butcher, Founding Engineer, Tetrate
- 11:00 Guiding Principles for Zero Trust in the Federal Government Ross Foard*, CISA, DHS
- 1:45 Next-gen Authorization - The Role of NGAC and Service Mesh for Enterprise-wide Authorization: Ignasi Barerra, Founding Engineer, Tetrate & Zack Butcher, Founding Engineer, Tetrate
- 3:15 Panel: The Yellow Brick Road to High Assurance with OSCAL: Moderator: Brian Ruf, Director for Cybersecurity, Easy Dynamics, Panelists: Daniele Catteddu, CTO, Cloud Security Alliance (CSA) & Michaela Iorga, OSCAL Strategic Director, NIST
https://www.nist.gov/news-events/events/2023/05/4th-multi-cloud-conference-and-workshop
------------------------------
Erik Johnson CCSK, CCSP, CISSP, PMP
Senior Research Analyst
Cloud Security Alliance
[email protected]
------------------------------